CN109492418A - A general-purpose DSP secure encryption and decryption system based on the AES algorithm
- Publication number: CN109492418A
- Application number: CN201811395130.4A
- Authority: CN (China)
- Prior art keywords: aes algorithm, module, data, program, deciphering
- Legal status: Pending (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/06—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols the encryption apparatus using shift registers or memories for block-wise or stream coding, e.g. DES systems or RC4; Hash functions; Pseudorandom sequence generators
- H04L9/0618—Block ciphers, i.e. encrypting groups of characters of a plain text message using fixed encryption transformation
- H04L9/0631—Substitution permutation network [SPN], i.e. cipher composed of a number of stages or rounds each involving linear and nonlinear transformations, e.g. AES algorithms
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/45—Structures or tools for the administration of authentication
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/602—Providing cryptographic facilities or services
Abstract
The invention discloses a general-purpose DSP secure encryption and decryption system based on the AES algorithm, comprising an AES-based host computer, a general-purpose digital signal processor, a serial port downloader, an AES-based decryption module, an OTP memory module and a program memory. The host computer encrypts the program code that requires security protection with an encryption key to generate ciphertext program code, which is stored in the program memory; the host computer also downloads the 11 round decryption keys generated during encryption into the OTP memory module through the serial port downloader. The invention effectively prevents program code from being read directly at the bus interface and strictly protects the program code running in the DSP; it provides security protection across data generation, data transmission, data storage and data execution, effectively guaranteeing the data security of the running system.
Description
Technical field
The present invention relates to a general-purpose DSP secure encryption and decryption system based on the AES algorithm, used to turn a general-purpose DSP into a digital signal processor with a flexible decryption function, and belongs to the technical field of information security protection.
Background art
With the increasing informatization, digitization and networking of modern society, the demand for information security technology is becoming ever broader. Its application fields have gradually expanded from traditional military and political departments to all aspects of social life, and information security products have become an important guarantee for the healthy functioning of society as a whole. As the core device for data processing and algorithm applications, the DSP plays an extremely important role in all kinds of aerospace and avionics systems. In use, a third party can obtain the effective program code in many ways, and information such as core algorithms and communication protocols in particular cannot be effectively protected. As the hardware carrier of information security technology, building a secure encryption and decryption system that ensures processed information can be transmitted and executed securely has therefore become essential.
Summary of the invention
To solve the above technical problem, the present invention provides a general-purpose DSP secure encryption and decryption system based on the AES algorithm.
To achieve the above object, the technical solution of the present invention is as follows:
The present invention provides a general-purpose DSP secure encryption and decryption system based on the AES algorithm, comprising:
an AES-based host computer;
a general-purpose digital signal processor;
a serial port downloader;
an AES-based decryption module;
an OTP memory module;
one or more program memories connected to the general-purpose digital signal processor;
the decryption module and the OTP memory module being built into the general-purpose digital signal processor.
The AES-based host computer encrypts the program code that requires security protection with an encryption key to generate ciphertext program code, which is stored in the program memory; the AES-based host computer also downloads the 11 round decryption keys generated during encryption into the OTP memory module through the serial port downloader.
As a preferred option, the AES-based host computer supports AES encryption, decryption key generation and download, and serial communication. The AES encryption key may be any given 128-bit value, but the encryption key must correspond to the decryption key downloaded into the DSP chip.
As a preferred option, the serial port downloader supports a custom communication protocol, used to download and transfer the decryption key and control information.
As a preferred option, the program memory is attached externally, on the external bus of the digital signal processor.
As a preferred option, three built-in regions of the OTP memory module are used to store the 11 round decryption keys and the JTAG masking control signal.
As a preferred option, the operating modes of the DSP are a secure operating mode and a normal operating mode, and timing is the same in both. In the secure operating mode, the ciphertext data stored in the program memory is decrypted by the decryption module, and the resulting plaintext code is moved into on-chip memory space, where the program is executed.
As a preferred option, the secure operating mode supports JTAG masking: the circuit cannot be debugged, and on-chip SRAM data cannot be read, through the JTAG port.
As a preferred option, the DSP has a built-in BootROM module, and the mode decision module built into the BootROM module distinguishes the secure operating mode from the normal operating mode. In the secure operating mode, the general-purpose digital signal processor uses the data-moving module built into the BootROM module to move ciphertext code over the data and address buses into the decryption module; after 13 decryption cycles the decrypted plaintext code is moved into on-chip SRAM, and once all data has been decrypted, program execution begins.
The design adds mode decision and data-moving functions to the BootROM module built into the DSP. After the circuit starts, the mode decision module determines from the data stored in the OTP memory module whether the circuit is in the secure operating mode or the normal operating mode; the decryption key data stored in the OTP memory module is read automatically into built-in key registers, ready to be used during data decryption; and the entire on-chip SRAM space is automatically cleared.
The operating mode of the DSP is determined by the data that the host computer downloads into the OTP memory module. In the secure operating mode, the DSP external bus interface carries ciphertext data, and JTAG can be masked so that the circuit cannot be debugged, and on-chip SRAM data cannot be read, through the JTAG port.
The invention has the following advantages: it effectively prevents program code from being read directly at the bus interface and strictly protects the program code running in the DSP. The key can be designed flexibly and is stored in the OTP memory module, which is safe and reliable; the key and the program code cannot be read even by dissecting the chip. For the DSP system as a whole, the invention provides security protection across data generation, data transmission, data storage and data execution, effectively guaranteeing the data security of the running system.
Brief description of the drawings
Fig. 1 is a block diagram of the general-purpose DSP secure encryption and decryption system of the invention.
Fig. 2 is a flow chart of data burning by the host computer of the invention.
Fig. 3 is a diagram of the internal structure of the general-purpose DSP of the invention.
Fig. 4 is a flow chart of ciphertext program code execution in the invention.
Detailed description of the embodiments
The preferred embodiments of the invention are described in detail below with reference to the accompanying drawings.
To achieve the object of the invention, as shown in Fig. 1, one embodiment of the invention provides a general-purpose DSP secure encryption and decryption system based on the AES algorithm, comprising:
an AES-based host computer;
a general-purpose digital signal processor;
a serial port downloader;
an AES-based decryption module;
an OTP memory module;
one or more program memories connected to the general-purpose digital signal processor;
the decryption module and the OTP memory module being built into the general-purpose digital signal processor.
The AES-based host computer encrypts the program code that requires security protection with an encryption key to generate ciphertext program code, which is stored in the program memory; the AES-based host computer also downloads the 11 round decryption keys generated during encryption into the OTP memory module through the serial port downloader.
Specifically, the host computer software is written in C++ and supports the AES algorithm at three bit widths: 128 bits, 192 bits and 256 bits. It generates AES encryption and decryption keys, supports user password login, and has a good human-machine interface. The host computer downloads and burns the decryption key and the related control information into the OTP memory module built into the DSP through the serial port downloader, using a custom communication protocol between the two; the data download and burning flow is shown in Fig. 2. The OTP memory module is designed with anti-fuse technology and has three built-in regions for storing the decryption key and the JTAG control information.
Specifically, the AES-based host computer supports AES encryption, decryption key generation and download, and serial communication. The AES encryption key may be any given 128-bit value, but the encryption key must correspond to the decryption key downloaded into the DSP chip.
Specifically, the serial port downloader supports a custom communication protocol, used to download and transfer the decryption key and control information.
Specifically, the program memory is attached externally, on the external bus of the digital signal processor.
Specifically, three built-in regions of the OTP memory module are used to store the 11 round decryption keys and the JTAG masking control signal.
Specifically, the operating modes of the DSP are a secure operating mode and a normal operating mode, and timing is the same in both. In the secure operating mode, the ciphertext data stored in the program memory is decrypted by the decryption module, and the resulting plaintext code is moved into on-chip memory space, where the program is executed.
Specifically, the secure operating mode supports JTAG masking: the circuit cannot be debugged, and on-chip SRAM data cannot be read, through the JTAG port.
Specifically, the DSP has a built-in BootROM module, and the mode decision module built into the BootROM module distinguishes the secure operating mode from the normal operating mode. When working in the secure operating mode, the general-purpose digital signal processor uses the data-moving module built into the BootROM module to move ciphertext code over the data and address buses into the decryption module; after 13 decryption cycles the decrypted plaintext code is moved into on-chip SRAM, and once all data has been decrypted, program execution begins.
The design adds mode decision and data-moving functions to the BootROM built into the DSP. After the circuit starts, the mode decision module determines from the data stored in the OTP memory module whether the circuit is in the secure operating mode or the normal operating mode; the decryption key data stored in the OTP memory module is read automatically into built-in key registers, ready to be used during data decryption; and the entire on-chip SRAM space is automatically cleared.
The invention is developed and designed on the basis of a general-purpose DSP. Without changing the architecture, instruction set or functions of the original general-purpose DSP, it adds an AES decryption module and an OTP memory module; the structure is shown in Fig. 3. The original circuit is retained, and mode decision and data-moving logic are added. The circuit follows a top-down design approach and, after feasibility study, logic design, simulation and verification, layout design, mask making and tape-out, and packaging and test, is upgraded into a general-purpose DSP with an AES decryption function.
After power-on, the BootROM module determines the operating mode of the circuit from the data in the OTP memory module. When no security protection is needed, the DSP is used in the same way as an ordinary general-purpose DSP. If the DSP needs to work in the secure operating mode, the host computer and the DSP must be used together, and the steps are roughly as follows:
S1: Set a key and use the host computer to encrypt the plaintext code data that requires security protection; burn the resulting ciphertext program into the program memory;
S2: Use the host computer and the serial port downloader to download and burn the decryption key into the OTP memory module;
S3: On power-up the DSP checks the OTP memory module and, on detecting that data is stored there, enters the secure operating mode;
S4: The BootROM module built into the circuit automatically enters the secure operating mode and moves the ciphertext code data from the program memory onto the chip for decryption, following the flow shown in Fig. 4, until execution finishes;
In the decryption and execution flow, the transfer routine of the BootROM module moves ciphertext data as four 32-bit transfers and then merges the four 32-bit words into one 128-bit ciphertext block. It enables AES decryption and waits 13 decryption execution cycles. Once the decryption module outputs its decryption-complete flag, the 128-bit plaintext code is written into four 32-bit registers, and finally the plaintext code in the four 32-bit registers is written into on-chip SRAM. This loop repeats until all ciphertext data has been decrypted.
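The host-side key expansion and the BootROM decryption loop described above, modelled in C as an added example; it is not code from the patent. It assumes a 128-bit key (which is what 11 round keys correspond to), big-endian packing of the four 32-bit words, and independent decryption of each 128-bit block, since the description names no chaining mode; the function names are hypothetical and the 13-cycle hardware latency is not modelled.

```c
/* Added example (not from the patent). Assumptions: AES-128, big-endian word
   packing, every 128-bit block decrypted independently; names are hypothetical. */
#include <stddef.h>
#include <stdint.h>
#include <string.h>

static uint8_t sbox[256], inv_sbox[256];
static uint8_t xtime(uint8_t x) { return (uint8_t)((x << 1) ^ ((x & 0x80) ? 0x1b : 0)); }
static uint8_t rotl8(uint8_t x, int n) { return (uint8_t)((x << n) | (x >> (8 - n))); }
static uint32_t be32(const uint8_t *b) {
    return (uint32_t)b[0] << 24 | (uint32_t)b[1] << 16 | (uint32_t)b[2] << 8 | b[3];
}
static uint8_t gmul(uint8_t a, uint8_t b) {              /* product in GF(2^8) */
    uint8_t p = 0;
    for (; b; b >>= 1, a = xtime(a)) if (b & 1) p ^= a;
    return p;
}
/* S-box: affine map of the field inverse; the inverse table is filled alongside. */
static void build_sbox(void) {
    for (int a = 0; a < 256; a++) {
        uint8_t inv = 0;
        for (int b = 1; a && b < 256; b++) if (gmul((uint8_t)a, (uint8_t)b) == 1) inv = (uint8_t)b;
        sbox[a] = (uint8_t)(inv ^ rotl8(inv, 1) ^ rotl8(inv, 2) ^ rotl8(inv, 3) ^ rotl8(inv, 4) ^ 0x63);
        inv_sbox[sbox[a]] = (uint8_t)a;
    }
}

/* Host side: expand a 128-bit key into 11 round keys (44 words), the OTP payload. */
void aes128_expand(const uint8_t key[16], uint32_t rk[44]) {
    uint8_t rcon = 1;
    build_sbox();
    for (int i = 0; i < 4; i++) rk[i] = be32(key + 4 * i);
    for (int i = 4; i < 44; i++) {
        uint32_t t = rk[i - 1];
        if (i % 4 == 0) {                                /* RotWord, SubWord, Rcon */
            uint8_t b[4] = {sbox[(t >> 16) & 0xff], sbox[(t >> 8) & 0xff], sbox[t & 0xff], sbox[t >> 24]};
            t = be32(b) ^ ((uint32_t)rcon << 24);
            rcon = xtime(rcon);
        }
        rk[i] = rk[i - 4] ^ t;
    }
}

static void add_round_key(uint8_t s[16], const uint32_t *rk) {
    for (int i = 0; i < 16; i++) s[i] ^= (uint8_t)(rk[i / 4] >> (24 - 8 * (i % 4)));
}
static void inv_shift_sub(uint8_t s[16]) {               /* InvShiftRows + InvSubBytes */
    uint8_t t[16];
    for (int c = 0; c < 4; c++)
        for (int r = 0; r < 4; r++) t[4 * c + r] = inv_sbox[s[4 * ((c - r + 4) % 4) + r]];
    memcpy(s, t, 16);
}
static void inv_mix_columns(uint8_t s[16]) {
    for (int c = 0; c < 4; c++) {
        uint8_t *p = s + 4 * c, a0 = p[0], a1 = p[1], a2 = p[2], a3 = p[3];
        p[0] = gmul(a0, 14) ^ gmul(a1, 11) ^ gmul(a2, 13) ^ gmul(a3, 9);
        p[1] = gmul(a0, 9) ^ gmul(a1, 14) ^ gmul(a2, 11) ^ gmul(a3, 13);
        p[2] = gmul(a0, 13) ^ gmul(a1, 9) ^ gmul(a2, 14) ^ gmul(a3, 11);
        p[3] = gmul(a0, 11) ^ gmul(a1, 13) ^ gmul(a2, 9) ^ gmul(a3, 14);
    }
}
static void aes128_decrypt_block(const uint32_t rk[44], uint8_t s[16]) {
    add_round_key(s, rk + 40);                           /* start from the last round key */
    for (int round = 9; round >= 0; round--) {
        inv_shift_sub(s);
        add_round_key(s, rk + 4 * round);
        if (round) inv_mix_columns(s);                   /* none after round key 0 */
    }
}

/* BootROM model: 4 x 32-bit reads -> 128-bit block -> decrypt -> 4 x 32-bit SRAM writes.
   Returns the number of words written, or 0 if the image is not whole 128-bit blocks. */
size_t boot_decrypt(const uint32_t otp_rk[44], const uint32_t *ext, size_t nwords, uint32_t *sram) {
    if (nwords % 4) return 0;
    build_sbox();
    for (size_t i = 0; i < nwords; i += 4) {
        uint8_t blk[16];
        for (int j = 0; j < 16; j++) blk[j] = (uint8_t)(ext[i + j / 4] >> (24 - 8 * (j % 4)));
        aes128_decrypt_block(otp_rk, blk);
        for (int j = 0; j < 4; j++) sram[i + j] = be32(blk + 4 * j);
    }
    return nwords;
}
```

With the FIPS-197 Appendix C.1 vector (key 00 01 ... 0f, ciphertext words 69c4e0d8 6a7b0430 d8cdb780 70b4c55a), boot_decrypt writes 00112233 44556677 8899aabb ccddeeff to the SRAM buffer. Round key 0 is the cipher key itself, so the OTP region holding the round keys needs the same protection as the key.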
In addition, in the secure operating mode, using the host computer to burn JTAG control information into the OTP memory module permanently masks the JTAG debug function, so that no data can be read through the JTAG port.
The above is only a preferred embodiment of the invention. It should be noted that a person of ordinary skill in the art can make various modifications and improvements without departing from the inventive concept, and these all fall within the scope of protection of the invention.
Claims (8)
1. A general-purpose DSP secure encryption and decryption system based on the AES algorithm, characterized by comprising:
an AES-based host computer;
a general-purpose digital signal processor;
a serial port downloader;
an AES-based decryption module;
an OTP memory module;
one or more program memories connected to the general-purpose digital signal processor;
the decryption module and the OTP memory module being built into the general-purpose digital signal processor;
wherein the AES-based host computer encrypts the program code that requires security protection with an encryption key to generate ciphertext program code, which is stored in the program memory, and the AES-based host computer also downloads the 11 round decryption keys generated during encryption into the OTP memory module through the serial port downloader.
2. The general-purpose DSP secure encryption and decryption system based on the AES algorithm according to claim 1, characterized in that the AES-based host computer supports AES encryption, decryption key generation and download, and serial communication; the AES encryption key may be any given 128-bit value, but the encryption key must correspond to the decryption key downloaded into the DSP chip.
3. The general-purpose DSP secure encryption and decryption system based on the AES algorithm according to claim 1, characterized in that the serial port downloader supports a custom communication protocol, used to download and transfer the decryption key and control information.
4. The general-purpose DSP secure encryption and decryption system based on the AES algorithm according to claim 1, characterized in that the program memory is attached externally, on the external bus of the digital signal processor.
5. The general-purpose DSP secure encryption and decryption system based on the AES algorithm according to claim 1, characterized in that three built-in regions of the OTP memory module are used to store the 11 round decryption keys and the JTAG masking control signal.
6. The general-purpose DSP secure encryption and decryption system based on the AES algorithm according to claim 1, characterized in that the operating modes of the DSP are a secure operating mode and a normal operating mode, and timing is the same in both; when working in the secure operating mode, the ciphertext data stored in the program memory is decrypted by the decryption module, and the resulting plaintext code is moved into on-chip memory space, where the program is executed.
7. The general-purpose DSP secure encryption and decryption system based on the AES algorithm according to claim 6, characterized in that, when working in the secure operating mode, JTAG masking is supported: the circuit cannot be debugged, and on-chip SRAM data cannot be read, through the JTAG port.
8. The general-purpose DSP secure encryption and decryption system based on the AES algorithm according to claim 7, characterized in that the DSP has a built-in BootROM module, and the mode decision module built into the BootROM module distinguishes the secure operating mode from the normal operating mode; in the secure operating mode, the general-purpose digital signal processor uses the data-moving module built into the BootROM module to move ciphertext code over the data and address buses into the decryption module, after 13 decryption cycles the decrypted plaintext code is moved into on-chip SRAM, and once all data has been decrypted, program execution begins.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201811395130.4A CN109492418A (en) | 2018-11-22 | 2018-11-22 | A kind of safe encrypting and deciphering system of general dsp based on aes algorithm |
Publications (1)
Publication Number | Publication Date |
---|---|
CN109492418A true CN109492418A (en) | 2019-03-19 |
Family
ID=65697336
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201811395130.4A Pending CN109492418A (en) | 2018-11-22 | 2018-11-22 | A kind of safe encrypting and deciphering system of general dsp based on aes algorithm |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN109492418A (en) |
Cited By (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN110135199A (en) * | 2019-05-09 | 2019-08-16 | 中国电子科技集团公司第五十八研究所 | Safety general Digital Signal Processing dsp chip |
CN112257082A (en) * | 2020-10-19 | 2021-01-22 | 北京京航计算通讯研究所 | DSP embedded system debugging interface access control method |
CN112286096A (en) * | 2020-10-19 | 2021-01-29 | 北京京航计算通讯研究所 | DSP embedded system debugging interface access control system |
CN114430319A (en) * | 2020-10-29 | 2022-05-03 | 漳州立达信光电子科技有限公司 | Parallel operation encryption and decryption system, transmitting end device and receiving end device |
Citations (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
WO2004114173A3 (en) * | 2003-06-25 | 2005-05-26 | Tuev Rheinland Holding Ag | Product protection gateway and method for authenticity checking of products |
CN104486069A (en) * | 2014-12-23 | 2015-04-01 | 天津光电通信技术有限公司 | GOST encryption and decryption equipment and method based on FPGA (field programmable gate array) |
CN105162578A (en) * | 2015-09-23 | 2015-12-16 | 中国电子科技集团公司第五十八研究所 | Encryption circuit applied to universal digital signal processor |
CN105184196A (en) * | 2015-09-02 | 2015-12-23 | 四川九洲电器集团有限责任公司 | Electronic system information security protection system and method |
CN107947916A (en) * | 2017-12-22 | 2018-04-20 | 四川大学 | A kind of integral type encryption/decryption module based on DES algorithms |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
RJ01 | Rejection of invention patent application after publication | Application publication date: 20190319 |